Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/7e7b8b-79e0-4f51-b866-67ad60d386dd/1/6cqFumwYbobMDkWDDiEiiFoc7Sg.roa
File: 6cqFumwYbobMDkWDDiEiiFoc7Sg.roa (raw, json)
Hash identifier: 4eHS/VJ9mPCyO9nNLtbC8pNl7VyahPHi4NuuAaELh/w=
Subject key identifier: E9:CA:85:BA:6C:18:6E:86:CC:0E:45:83:0E:21:22:88:5A:1C:ED:28
Certificate issuer: /CN=6d85061361b19f212efe90c2d8cf3eee617f20e5
Certificate serial: 019424456DC6AA6439D488682E314DB3386D
Authority key identifier: 6D:85:06:13:61:B1:9F:21:2E:FE:90:C2:D8:CF:3E:EE:61:7F:20:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bYUGE2GxnyEu_pDC2M8-7mF_IOU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/7e7b8b-79e0-4f51-b866-67ad60d386dd/1/6cqFumwYbobMDkWDDiEiiFoc7Sg.roa
Signing time: Wed 01 Jan 2025 23:48:37 +0000
ROA not before: Wed 01 Jan 2025 23:48:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202513
IP address blocks: 43.230.184.0/22 maxlen: 24
185.98.16.0/22 maxlen: 24
185.249.148.0/22 maxlen: 24
2a0c:97c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 02 Apr 2025 14:54:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:6d:c6:aa:64:39:d4:88:68:2e:31:4d:b3:38:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d85061361b19f212efe90c2d8cf3eee617f20e5
Validity
Not Before: Jan 1 23:48:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e9ca85ba6c186e86cc0e45830e2122885a1ced28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:bd:27:ba:45:9c:bc:48:19:7a:79:04:7d:9c:
3e:83:4e:07:a7:e3:7b:1c:e0:f9:98:db:26:be:4c:
3d:db:64:03:c1:a6:52:19:56:b3:05:a7:98:24:1a:
2f:e2:9c:a5:7e:8e:d7:01:a7:76:d4:de:56:ab:12:
cd:86:14:6b:21:03:fe:06:f9:28:47:e9:9a:f8:b1:
4e:58:a9:28:99:34:c0:cf:ab:bc:a7:62:7f:cc:4b:
35:36:a8:49:fb:12:08:8f:17:91:cd:ee:a6:ec:9f:
32:9e:35:ac:db:13:30:0a:a2:49:9c:a9:9c:14:0a:
dd:db:4e:95:6b:f1:2f:82:72:ed:86:83:55:ba:91:
6d:3b:3d:4d:34:02:50:44:e2:4c:75:45:24:40:89:
27:6d:f5:ea:86:9f:6c:33:3e:73:7d:22:d7:7c:52:
53:50:b0:91:71:f6:90:7c:4e:21:de:ed:27:6d:75:
20:0d:b4:59:66:8b:67:31:dc:21:80:dc:40:3f:8b:
72:1a:b6:f9:09:85:b1:96:d5:13:35:ce:86:29:c9:
d8:14:65:14:c2:9c:44:ce:1c:7c:36:35:bf:58:5f:
f2:f4:77:27:b7:77:ff:cc:8e:68:ff:de:08:e8:2b:
fa:4a:32:39:a0:a0:e2:2c:85:1c:1f:d4:ad:d9:e4:
e9:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:CA:85:BA:6C:18:6E:86:CC:0E:45:83:0E:21:22:88:5A:1C:ED:28
X509v3 Authority Key Identifier:
keyid:6D:85:06:13:61:B1:9F:21:2E:FE:90:C2:D8:CF:3E:EE:61:7F:20:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bYUGE2GxnyEu_pDC2M8-7mF_IOU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/7e7b8b-79e0-4f51-b866-67ad60d386dd/1/6cqFumwYbobMDkWDDiEiiFoc7Sg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/7e7b8b-79e0-4f51-b866-67ad60d386dd/1/bYUGE2GxnyEu_pDC2M8-7mF_IOU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.230.184.0/22
185.98.16.0/22
185.249.148.0/22
IPv6:
2a0c:97c0::/29
Signature Algorithm: sha256WithRSAEncryption
7c:40:0a:d2:94:0d:c3:12:40:3e:83:31:00:2a:d8:51:34:83:
7b:1f:0e:2a:8e:ef:7e:af:b9:12:59:e0:9f:16:9d:1c:bf:9e:
5a:a1:c4:0e:84:26:27:82:7c:76:ea:6c:96:f4:19:4a:48:de:
23:55:37:b1:76:50:2a:80:48:ea:04:c7:7e:ef:2f:ef:65:55:
65:48:29:63:d4:1b:2b:54:04:32:61:37:18:2c:fb:3e:fb:fd:
d7:63:76:cf:d1:a7:12:a5:8a:2d:81:10:2b:64:c4:30:fa:57:
cd:7b:81:23:dd:94:62:52:0b:fe:d9:a7:ec:67:c9:36:51:ec:
54:14:89:4d:59:28:bc:6b:a9:23:01:78:a8:3d:e6:36:69:1e:
f8:73:8f:68:c7:36:8e:bd:7c:b7:8f:1f:15:c4:b8:4c:59:4b:
46:17:b9:45:54:05:69:d0:1d:ac:15:48:45:40:1e:9e:f0:61:
fd:37:2d:af:15:2b:e8:ed:e1:dd:2b:18:5d:ef:76:13:b3:00:
b1:bd:c0:62:e4:50:af:b2:dc:d0:29:7b:ba:52:e8:1f:0e:b4:
17:3c:87:87:a8:20:6e:12:a0:3d:97:13:5e:43:8d:6f:90:42:
17:11:a6:85:4e:25:92:15:cb:6f:1f:bd:f1:ca:56:55:e1:67:
1c:4c:49:7a
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQkRW3GqmQ51IhoLjFNszhtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkODUwNjEzNjFiMTlmMjEyZWZlOTBjMmQ4Y2YzZWVlNjE3
ZjIwZTUwHhcNMjUwMTAxMjM0ODM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOWNhODViYTZjMTg2ZTg2Y2MwZTQ1ODMwZTIxMjI4ODVhMWNlZDI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr70nukWcvEgZenkEfZw+g04Hp+N7
HOD5mNsmvkw922QDwaZSGVazBaeYJBov4pylfo7XAad21N5WqxLNhhRrIQP+Bvko
R+ma+LFOWKkomTTAz6u8p2J/zEs1NqhJ+xIIjxeRze6m7J8ynjWs2xMwCqJJnKmc
FArd206Va/EvgnLthoNVupFtOz1NNAJQROJMdUUkQIknbfXqhp9sMz5zfSLXfFJT
ULCRcfaQfE4h3u0nbXUgDbRZZotnMdwhgNxAP4tyGrb5CYWxltUTNc6GKcnYFGUU
wpxEzhx8NjW/WF/y9Hcnt3f/zI5o/94I6Cv6SjI5oKDiLIUcH9St2eTphQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFOnKhbpsGG6GzA5Fgw4hIohaHO0oMB8GA1UdIwQY
MBaAFG2FBhNhsZ8hLv6QwtjPPu5hfyDlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYllVR0UyR3hueUV1X3BEQzJNOC03bUZfSU9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC83ZTdiOGItNzllMC00ZjUxLWI4NjYt
NjdhZDYwZDM4NmRkLzEvNmNxRnVtd1lib2JNRGtXRERpRWlpRm9jN1NnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC83ZTdiOGItNzllMC00ZjUxLWI4NjYtNjdhZDYwZDM4NmRk
LzEvYllVR0UyR3hueUV1X3BEQzJNOC03bUZfSU9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCK+a4AwQC
uWIQAwQCufmUMA0EAgACMAcDBQMqDJfAMA0GCSqGSIb3DQEBCwUAA4IBAQB8QArS
lA3DEkA+gzEAKthRNIN7Hw4qju9+r7kSWeCfFp0cv55aocQOhCYngnx26myW9BlK
SN4jVTexdlAqgEjqBMd+7y/vZVVlSClj1BsrVAQyYTcYLPs++/3XY3bP0acSpYot
gRArZMQw+lfNe4Ej3ZRiUgv+2afsZ8k2UexUFIlNWSi8a6kjAXioPeY2aR74c49o
xzaOvXy3jx8VxLhMWUtGF7lFVAVp0B2sFUhFQB6e8GH9Ny2vFSvo7eHdKxhd73YT
swCxvcBi5FCvstzQKXu6UugfDrQXPIeHqCBuEqA9lxNeQ41vkEIXEaaFTiWSFctv
H73xylZV4WccTEl6
-----END CERTIFICATE-----
Generated at Wed Apr 23 04:01:26 2025 by rpki-client